Template:Wikify is deprecated. Please use a more specific cleanup template as listed in the documentation.

Web Application Security Scanners (or Web Application Vulnerability Scanners) are tools designed to automatically scan web applications for vulnerabilities. These tools work as black-box analyzer; meaning that, unlike Source Code Scanners, they don't access the source code and then, need to detect the vulnerabilities by performing attacks.

• Acunetix WVS by Acunetix
• AppScan by Watchfire, Inc.
• Hailstorm by Cenzic
• N-Stealth by N-Stalker
• NTOSpider by NTObjectives
• WebInspect by SPI Dynamics
• WebKing by Parasoft

• Grabber by Romain Gaucher
• Pantera by Simon Roses Femerling (OWASP Project)
• Paros by Chinotec
• Spike Proxy by Immunity (Now as OWASP Pantera)
• TestMaker by Pushtotest
• W3AF by Andres Riancho
• Wapiti by Nicolas Surribas
• WebScarab by Rogan Dawes of Aspect Security (OWASP Project)

• The WASC is starting a Web Application Security Scanner Evaluation Criteria (WASSEC) project
• The NIST is also running a Web Application Secuity Scanner Evaluation project in the SAMATE project

This computing article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e